taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

more explicit cipher usage counters

Browse Source
This commit is contained in:
Marco Boss 2022-03-17 14:09:12 +01:00
parent fe94405554
commit 63879d9d20
No known key found for this signature in database
GPG Key ID: 89A3EC33C625C3DF
20 changed files with 118 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/exchange/taler-exchange-httpd_auditors.c
View File

@ -140,7 +140,7 @@ add_auditor_denom_sig (void *cls,
TALER_B2S (awc->auditor_pub));
return GNUNET_DB_STATUS_HARD_ERROR;
}
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_auditor_denom_validity_verify (
auditor_url,

14
src/exchange/taler-exchange-httpd_deposit.c
View File

@ -382,7 +382,17 @@ TEH_handler_deposit (struct MHD_Connection *connection,
deposit.deposit_fee = dk->meta.fees.deposit;
/* check coin signature */
TEH_METRICS_num_verifications[TEH_MT_CIPHER]++;
switch (dk->denom_pub.cipher)
{
case TALER_DENOMINATION_RSA:
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_RSA]++;
break;
case TALER_DENOMINATION_CS:
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_CS]++;
break;
default:
break;
}
if (GNUNET_YES !=
TALER_test_coin_valid (&deposit.coin,
&dk->denom_pub))
@ -406,7 +416,7 @@ TEH_handler_deposit (struct MHD_Connection *connection,
NULL);
}
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_wallet_deposit_verify (&deposit.amount_with_fee,
&deposit.deposit_fee,

2
src/exchange/taler-exchange-httpd_deposits_get.c
View File

@ -344,7 +344,7 @@ TEH_handler_deposits_get (struct TEH_RequestContext *rc,
return MHD_NO; /* internal error */
if (GNUNET_NO == res)
return MHD_YES; /* parse error */
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_TRACK_TRANSACTION,
&tps,

10
src/exchange/taler-exchange-httpd_keys.c
View File

@ -2453,7 +2453,7 @@ TEH_keys_denomination_sign_withdraw (
switch (hd->denom_pub.cipher)
{
case TALER_DENOMINATION_RSA:
TEH_METRICS_num_signatures[TEH_MT_CIPHER]++;
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_RSA]++;
return TALER_CRYPTO_helper_rsa_sign (
ksh->helpers->rsadh,
&hd->h_details.h_rsa,
@ -2461,7 +2461,7 @@ TEH_keys_denomination_sign_withdraw (
bp->details.rsa_blinded_planchet.blinded_msg_size,
bs);
case TALER_DENOMINATION_CS:
TEH_METRICS_num_signatures[TEH_MT_CIPHER]++;
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_CS]++;
return TALER_CRYPTO_helper_cs_sign_withdraw (
ksh->helpers->csdh,
&hd->h_details.h_cs,
@ -2494,7 +2494,7 @@ TEH_keys_denomination_sign_melt (
switch (hd->denom_pub.cipher)
{
case TALER_DENOMINATION_RSA:
TEH_METRICS_num_signatures[TEH_MT_CIPHER]++;
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_RSA]++;
return TALER_CRYPTO_helper_rsa_sign (
ksh->helpers->rsadh,
&hd->h_details.h_rsa,
@ -2502,7 +2502,7 @@ TEH_keys_denomination_sign_melt (
bp->details.rsa_blinded_planchet.blinded_msg_size,
bs);
case TALER_DENOMINATION_CS:
TEH_METRICS_num_signatures[TEH_MT_CIPHER]++;
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_CS]++;
return TALER_CRYPTO_helper_cs_sign_melt (
ksh->helpers->csdh,
&hd->h_details.h_cs,
@ -2649,7 +2649,7 @@ TEH_keys_exchange_sign2_ (
{
enum TALER_ErrorCode ec;
TEH_METRICS_num_signatures[TEH_MT_EDDSA]++;
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_EDDSA]++;
ec = TALER_CRYPTO_helper_esign_sign_ (ksh->helpers->esh,
purpose,
pub,

2
src/exchange/taler-exchange-httpd_kyc-wallet.c
View File

@ -118,7 +118,7 @@ TEH_handler_kyc_wallet (
if (GNUNET_NO == ret)
return MHD_YES; /* failure */
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify_ (TALER_SIGNATURE_WALLET_ACCOUNT_SETUP,
&purpose,

2
src/exchange/taler-exchange-httpd_management_denominations_HDP_revoke.c
View File

@ -56,7 +56,7 @@ TEH_handler_management_denominations_HDP_revoke (
if (GNUNET_NO == res)
return MHD_YES; /* failure */
}
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_exchange_offline_denomination_revoke_verify (
h_denom_pub,

2
src/exchange/taler-exchange-httpd_management_global_fees.c
View File

@ -221,7 +221,7 @@ TEH_handler_management_post_global_fees (
return MHD_YES; /* failure */
}
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_exchange_offline_global_fee_verify (
afc.start_time,

4
src/exchange/taler-exchange-httpd_management_post_keys.c
View File

@ -179,7 +179,7 @@ add_keys (void *cls,
}
/* check signature is valid */
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_exchange_offline_denom_validity_verify (
&d->h_denom_pub,
@ -278,7 +278,7 @@ add_keys (void *cls,
}
/* check signature is valid */
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_exchange_offline_signkey_validity_verify (
&s->exchange_pub,

2
src/exchange/taler-exchange-httpd_management_signkey_EP_revoke.c
View File

@ -56,7 +56,7 @@ TEH_handler_management_signkeys_EP_revoke (
if (GNUNET_NO == res)
return MHD_YES; /* failure */
}
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_exchange_offline_signkey_revoke_verify (exchange_pub,
&TEH_master_public_key,

4
src/exchange/taler-exchange-httpd_management_wire_enable.c
View File

@ -165,7 +165,7 @@ TEH_handler_management_post_wire (
if (GNUNET_NO == res)
return MHD_YES; /* failure */
}
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_exchange_offline_wire_add_verify (awc.payto_uri,
awc.validity_start,
@ -179,7 +179,7 @@ TEH_handler_management_post_wire (
TALER_EC_EXCHANGE_MANAGEMENT_WIRE_ADD_SIGNATURE_INVALID,
NULL);
}
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_exchange_wire_signature_check (awc.payto_uri,
&TEH_master_public_key,

2
src/exchange/taler-exchange-httpd_management_wire_fees.c
View File

@ -188,7 +188,7 @@ TEH_handler_management_post_wire_fees (
return MHD_YES; /* failure */
}
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_exchange_offline_wire_fee_verify (
afc.wire_method,

14
src/exchange/taler-exchange-httpd_melt.c
View File

@ -341,7 +341,17 @@ check_melt_valid (struct MHD_Connection *connection,
TALER_EC_EXCHANGE_MELT_FEES_EXCEED_CONTRIBUTION,
NULL);
}
TEH_METRICS_num_verifications[TEH_MT_CIPHER]++;
switch (dk->denom_pub.cipher)
{
case TALER_DENOMINATION_RSA:
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_RSA]++;
break;
case TALER_DENOMINATION_CS:
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_CS]++;
break;
default:
break;
}
if (GNUNET_OK !=
TALER_test_coin_valid (&rmc->refresh_session.coin,
&dk->denom_pub))
@ -354,7 +364,7 @@ check_melt_valid (struct MHD_Connection *connection,
}
/* verify signature of coin for melt operation */
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_wallet_melt_verify (&rmc->refresh_session.amount_with_fee,
&rmc->coin_refresh_fee,

36
src/exchange/taler-exchange-httpd_metrics.c
View File

@ -33,9 +33,11 @@ unsigned long long TEH_METRICS_num_requests[TEH_MT_REQUEST_COUNT];
unsigned long long TEH_METRICS_num_conflict[TEH_MT_REQUEST_COUNT];
unsigned long long TEH_METRICS_num_signatures[TEH_MT_CIPHER_COUNT];
unsigned long long TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_COUNT];
unsigned long long TEH_METRICS_num_verifications[TEH_MT_CIPHER_COUNT];
unsigned long long TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_COUNT];
unsigned long long TEH_METRICS_num_keyexchanges[TEH_MT_KEYX_COUNT];
MHD_RESULT
TEH_handler_metrics (struct TEH_RequestContext *rc,
@ -62,15 +64,21 @@ TEH_handler_metrics (struct TEH_RequestContext *rc,
"taler_exchange_received_requests{type=\"%s\"} %llu\n"
"taler_exchange_received_requests{type=\"%s\"} %llu\n"
"# HELP taler_exchange_num_signatures "
" number of signatures created by cipher (rsa, cs) and eddsa\n"
" number of signatures created by cipher\n"
"# TYPE taler_exchange_num_signatures counter\n"
"taler_exchange_num_signatures{type=\"%s\"} %llu\n"
"taler_exchange_num_signatures{type=\"%s\"} %llu\n"
"taler_exchange_num_signatures{type=\"%s\"} %llu\n"
"# HELP taler_exchange_num_signature_verifications "
" number of signatures verified by cipher (rsa, cs) and eddsa\n"
" number of signatures verified by cipher\n"
"# TYPE taler_exchange_num_signature_verifications counter\n"
"taler_exchange_num_signature_verifications{type=\"%s\"} %llu\n"
"taler_exchange_num_signature_verifications{type=\"%s\"} %llu\n",
"taler_exchange_num_signature_verifications{type=\"%s\"} %llu\n"
"taler_exchange_num_signature_verifications{type=\"%s\"} %llu\n"
"# HELP taler_exchange_num_keyexchanges "
" number of key exchanges done by cipher\n"
"# TYPE taler_exchange_num_keyexchanges counter\n"
"taler_exchange_num_keyexchanges{type=\"%s\"} %llu\n",
"other",
TEH_METRICS_num_conflict[TEH_MT_REQUEST_OTHER],
"deposit",
@ -87,14 +95,20 @@ TEH_handler_metrics (struct TEH_RequestContext *rc,
TEH_METRICS_num_requests[TEH_MT_REQUEST_WITHDRAW],
"melt",
TEH_METRICS_num_requests[TEH_MT_REQUEST_MELT],
"cipher",
TEH_METRICS_num_signatures[TEH_MT_CIPHER],
"rsa",
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_RSA],
"cs",
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_CS],
"eddsa",
TEH_METRICS_num_signatures[TEH_MT_EDDSA],
"cipher",
TEH_METRICS_num_verifications[TEH_MT_CIPHER],
TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_EDDSA],
"rsa",
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_RSA],
"cs",
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_CS],
"eddsa",
TEH_METRICS_num_verifications[TEH_MT_EDDSA]);
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA],
"ecdh",
TEH_METRICS_num_keyexchanges[TEH_MT_KEYX_ECDH]);
resp = MHD_create_response_from_buffer (strlen (reply),
reply,
MHD_RESPMEM_MUST_FREE);

29
src/exchange/taler-exchange-httpd_metrics.h
View File

@ -39,13 +39,23 @@ enum TEH_MetricTypeRequest
};
/**
* Cipher types for which we collect metrics.
* Cipher types for which we collect signature metrics.
*/
enum TEH_MetricTypeRequestCipher
enum TEH_MetricTypeSignature
{
TEH_MT_CIPHER = 0,
TEH_MT_EDDSA = 2,
TEH_MT_CIPHER_COUNT = 3
TEH_MT_SIGNATURE_RSA = 0,
TEH_MT_SIGNATURE_CS = 1,
TEH_MT_SIGNATURE_EDDSA = 2,
TEH_MT_SIGNATURE_COUNT = 3
};
/**
* Cipher types for which we collect key exchange metrics.
*/
enum TEH_MetricTypeKeyX
{
TEH_MT_KEYX_ECDH = 0,
TEH_MT_KEYX_COUNT = 1
};
/**
@ -62,12 +72,17 @@ extern unsigned long long TEH_METRICS_num_conflict[TEH_MT_REQUEST_COUNT];
/**
* Number of signatures created by the respecitve cipher.
*/
extern unsigned long long TEH_METRICS_num_signatures[TEH_MT_CIPHER_COUNT];
extern unsigned long long TEH_METRICS_num_signatures[TEH_MT_SIGNATURE_COUNT];
/**
* Number of signatures verified by the respecitve cipher.
*/
extern unsigned long long TEH_METRICS_num_verifications[TEH_MT_CIPHER_COUNT];
extern unsigned long long TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_COUNT];
/**
* Number of key exchnages done with the respective cipher.
*/
extern unsigned long long TEH_METRICS_num_keyexchanges[TEH_MT_KEYX_COUNT];
/**
* Handle a "/metrics" request.

14
src/exchange/taler-exchange-httpd_recoup-refresh.c
View File

@ -217,7 +217,17 @@ verify_and_execute_recoup_refresh (
}
/* check denomination signature */
TEH_METRICS_num_verifications[TEH_MT_CIPHER]++;
switch (dk->denom_pub.cipher)
{
case TALER_DENOMINATION_RSA:
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_RSA]++;
break;
case TALER_DENOMINATION_CS:
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_CS]++;
break;
default:
break;
}
if (GNUNET_YES !=
TALER_test_coin_valid (coin,
&dk->denom_pub))
@ -231,7 +241,7 @@ verify_and_execute_recoup_refresh (
}
/* check recoup request signature */
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_wallet_recoup_refresh_verify (&coin->denom_pub_hash,
coin_bks,

14
src/exchange/taler-exchange-httpd_recoup.c
View File

@ -219,7 +219,17 @@ verify_and_execute_recoup (
}
/* check denomination signature */
TEH_METRICS_num_verifications[TEH_MT_CIPHER]++;
switch (dk->denom_pub.cipher)
{
case TALER_DENOMINATION_RSA:
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_RSA]++;
break;
case TALER_DENOMINATION_CS:
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_CS]++;
break;
default:
break;
}
if (GNUNET_YES !=
TALER_test_coin_valid (coin,
&dk->denom_pub))
@ -233,7 +243,7 @@ verify_and_execute_recoup (
}
/* check recoup request signature */
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_wallet_recoup_verify (&coin->denom_pub_hash,
coin_bks,

3
src/exchange/taler-exchange-httpd_refreshes_reveal.c
View File

@ -262,6 +262,7 @@ check_commitment (struct RevealContext *rctx,
GNUNET_CRYPTO_ecdhe_key_get_public (&tpriv->ecdhe_priv,
&rce->transfer_pub.ecdhe_pub);
TEH_METRICS_num_keyexchanges[TEH_MT_KEYX_ECDH]++;
TALER_link_reveal_transfer_secret (tpriv,
&rctx->melt.session.coin.coin_pub,
&ts);
@ -684,7 +685,7 @@ clean_age:
return (GNUNET_NO == res) ? MHD_YES : MHD_NO;
/* Check signature */
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_wallet_link_verify (
&rrcs[i].h_denom_pub,

2
src/exchange/taler-exchange-httpd_refund.c
View File

@ -209,7 +209,7 @@ verify_and_execute_refund (struct MHD_Connection *connection,
.refund = refund
};
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_merchant_refund_verify (&refund->coin.coin_pub,
&refund->details.h_contract_terms,

6
src/exchange/taler-exchange-httpd_responses.c
View File

@ -68,7 +68,7 @@ TEH_RESPONSE_compile_transaction_history (
&h_wire);
#if ENABLE_SANITY_CHECKS
/* internal sanity check before we hand out a bogus sig... */
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_wallet_deposit_verify (&deposit->amount_with_fee,
&deposit->deposit_fee,
@ -133,7 +133,7 @@ TEH_RESPONSE_compile_transaction_history (
const struct TALER_AgeCommitmentHash *phac = NULL;
#if ENABLE_SANITY_CHECKS
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_wallet_melt_verify (&melt->amount_with_fee,
&melt->melt_fee,
@ -187,7 +187,7 @@ TEH_RESPONSE_compile_transaction_history (
struct TALER_Amount value;
#if ENABLE_SANITY_CHECKS
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_merchant_refund_verify (coin_pub,
&refund->h_contract_terms,

2
src/exchange/taler-exchange-httpd_withdraw.c
View File

@ -489,7 +489,7 @@ TEH_handler_withdraw (struct TEH_RequestContext *rc,
NULL);
}
TEH_METRICS_num_verifications[TEH_MT_EDDSA]++;
TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++;
if (GNUNET_OK !=
TALER_wallet_withdraw_verify (&wc.collectable.denom_pub_hash,
&wc.collectable.amount_with_fee,